REMARKS 

STATUS OF THE CLAIMS 

Claims 1-3, 6-13, 16-19, and 21-23 were pending and stand rejected. Claims 1,10, 
and 21 are amended. Claim 24 is newly added. Claims 1-3, 6-13, 16-19, and 21-24 are 
pending upon entry of this amendment. 
AMENDMENTS TO THE SPECIFICATION 

Applicant has amended the specification to recite the following: "A chent computer 
1 , which includes a processor and which m ay be a desktop computer or a portable computer 
such as a notebook computer or a hand-held PDA (Personal Digital Assistant). . ." . As 
persons of ordinary skill in the art would readily recognize, computers include processors, as 
stated in the amendment. Applicant has also amended the specification to recite the 
following: "When implemented in software, modules 3 through 10 can reside on a computer 
storage r eadable medium or on a plurality of computer readable storage m edia, such as one or 
more floppy disks, hard disks, CDs, DVDs, etc." As persons of ordinary skill in the art 
would readily recognize, floppy disks, hard disks, CDs, DVDs are examples of computer- 
readable storage media, as stated in the amendment. Thus, Applicant believes that no new 
matter has been added and entry of these amendments is respectfully requested. 
REJECTIONS UNDER 35 U.S.C. § 112, SECOND PARAGRAPH 

Claims 1-3, 6-13, 16-19, and 21-23 were rejected under 35 U.S.C. § 112, second 
paragraph as allegedly indefinite. With respect to claims 1,10, and 21, the Examiner 
indicated that they contain the limitation "based at least in part on the reliability of the 
detectors that output the netspecs." The Examiner stated that the "succinct and definitive 
meaning of the reliability of the detectors is unclear." The Examiner indicated that, "[f]or 
examination purposes, the limitation will be treated as if referring to whether or not the 
detector is functioning." Claims 2-3, 6-9, 1 1-13, 16-19, and 22-23 depend from claims 1, 10, 
and 21, and so are rejected for the same reason. 
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Applicant respectfully submits that the claim language is definite. The claims recite 
"sorting the set of netspecs in a priority order based at least in part on the reliability of the 
detectors that output the netspecs." As explained in the Specification, "[t]he prioritization 
can be based upon the fact that some detectors 3 are more reliable in observing certain 
network connections, and therefore it is deemed that these detectors 3 should be awarded 
priority." Specification, p. 7, line 27 through p. 8, line 2. Thus, the reliability of the 
detectors refers to whether the detectors are more or less reliable than other detectors, and the 
sorting of the netspecs is based on this reHability. The scope of the claim language is clear. 
Applicant has further clarified this in the independent claims 1,10, and 21, by amending the 
claim to recite "wherein detectors considered more reliable than other detectors in observing 
network interfaces are awarded priority in the sorting." Thus, it is clear in the claim that the 
reliability refers the reliability in observing network interfaces, and the reliability is measured 
in terms of detectors being more reliable than other detectors, which are awarded priority in 
the sorting. 

Applicant also respectfully disagrees with the Examiner's interpretation of reliability 
as "whether or not the detector is functioning." Applicant respectfully submits that it is 
possible for a highly reliable detector to fail to perform accurate detection at some point in 
time, and it is possible for a highly unreliable detector to perform accurate detection at some 
other point in time. Thus, the state of a detector at a given point in time is not the same as the 
reliability of that detector. Rather, reliability is an estimation of the likelihood that a detector 
will perform accurate detection when used in the future. 

Accordingly, Applicant respectfully requests withdrawal of this rejection. 
REJECTIONS UNDER 35 U.S.C. § 101 

Claims 10-13 and 16-19 were rejected under 35 U.S.C. § 101 as allegedly being 
unpatentable because the claimed invention is directed to non-statutory subject matter. 
Applicant traverses this ground of rejection. The Examiner stated the independent claim 10 
"does not contain any elements that are definitively embodied in hardware." Office Action, 
p. 3. Without agreeing with the Examiner, but to expedite prosecution. Applicant has 
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amended independent claim 10 to recite "a computer-readable storage medium storing 
executable software means comprising" and "a processor configured to execute the software 
means stored by the computer-readable storage medium." Thus, the claim contains elements 
that are definitively embodied in hardware. Claims 12-13 and 16-19 depend from claim 10 
and so also recite these elements. Accordingly, Applicant respectfully requests withdrawal 
of this rejection. 

REJECTIONS UNDER 35 U.S.C. § 102(e) 

Claims 1, 9-10, 18-19, and 21-22 stand rejected under 35 U.S.C. § 102(e) as being 
anticipated by Moore et al. (U.S. Patent No. 7,000,015). Applicant respectfully traverses 
these rejections as apphed to the amended claims. 

The independent claims recite elements related to associating computer network 
identifications with network policies. For example, independent claim 1 recites the 
following: 

1 . A method for associating computer network identifications with network policies, 

said method comprising the steps of: 

analyzing a network interface associated with a client computer using a 

plurality of network detectors, the detectors outputting a set of a plurality 
of netspecs, each netspec comprising a first token identifying a detector 
used for the analysis and a second token identifying the analyzed network 
interface; 

sorting the set of netspecs in a priority order based at least in part on the 
reliability of the detectors that output the netspecs, wherein detectors 
considered more reliable in observing network interfaces than other 
detectors are awarded priority in the sorting; 

associating the network identifications made by the set of netspecs with 

locations based at least in part on the priority order of the set of netspecs; 
and 

feeding associated network identification/location pairs to a network interface 
module to implement desired network policies. 

Similar elements are recited in independent claims 10 and 21. 

Moore does not teach all of the recited elements of the claims. Moore fails to 
disclose, at least, the step of "sorting the set of netspecs in a priority order based at least in 
part on the reliability of the detectors that output the netspecs, wherein detectors 
considered more reliable in observing network interfaces than other detectors are awarded 
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priority in the sorting'^ as recited in the amended claims. Moore describes a service that 
discovers the physical locations of a host computer's connections to logical networks and 
provides that information to other applications operating on the host computer. See Moore, 
Abstract. A Network Location Resolution Service Provider ("NLRSP") operates on the host 
computer and shares a common API with other applications operating on the host computer. 
The NLRSP contacts the drivers for each new network interface available to the host 
computer, determines the GUID (globally unique identifier) for each new interface, and then 
communicates the determined GUID information to other applications operating on the host 
computer through the common APL See Moore, col. 13, lines 30-38 and col. 14, lines 30-34. 
Thus, at most Moore discloses determining GUID information for each new network 
interface. 

However, Moore does not disclose or suggest the sorting step as recited by amended 
claim 1 . The Examiner stated that Moore discloses this element "where the set of netspecs is 
the GUID and if a detector is unreliable, i.e., fails, then it will not send the associated data 
that would have been detected." Office Action, p. 5. The Examiner further explained that 
"[t]hus, the prioritization has been modified as the data is not there to be prioritized." Id. 
The Examiner also stated "the priority module that the data is in would be the data structure 
responsible for storing the information," and "the priority could be as simple as grabbing the 
next piece of data in a queue." Id. Applicant respectfiilly disagrees that the sections of 
Moore cited disclose the sorting step as claimed. 

First, as explained above. Applicant disagrees with the Examiner's interpretation of 
reliability as referring to "whether or not the detector is fimctioning." Instead, reliability is 
an estimation of the likelihood that a detector will perform accurate detection. The 
Specification also makes clear that this interpretation is intended based on the examples 
provided, such as that in Table 2 on page 7, in which "each detected network interface is 
assigned an arbitrary consecutive number" such as 1 to 6 in the Table. The Specification 
explains that this is a sorting of the netspecs in a priority order based on the fact that some 
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detectors are more reliable in observing certain network connections than others. 
Specification, p. 7, line 24 through p. 8, line 2. 

Second, even if one were to accept the Examiner's interpretation of reUability for the 
sake of argument, Moore still fails to disclose the element. The Examiner provided the 
example of a detector in Moore failing, and so not sending the associated data that would 
have been detected. In the Examiner's example, this failing of the detector changed the 
prioritization of the data since there would be no data for some detectors. However, the 
section of Moore cited by the Examiner fails to refer to failure of detectors, and fails to refer 
to any prioritization of netspecs so also does not refer to a changing of prioritization based on 
detector failure. Even if Moore did refer to a failure of detectors so that some detectors 
provide no data, Moore does not refer to any sorting of netspecs into a priority order in the 
first place, so there is no such priority order to be disrupted by detector failure. The 
Examiner states that the "priority could be a simple as grabbing the next piece of data in the 
queue." Office Action, p. 5. However, the claim still requires a step of sorting the netspecs 
into this priority order, even if priority were interpreted as the Examiner suggested. 

Third, the claim element has been amended to clarify that the set of netspecs includes 
a plurality of netspecs, and the sorting step was amended to recite that ''detectors considered 
more reliable in observing network interfaces than other detectors are awarded priority in 
the sorting.''^ It is clear fi-om this language that the sorting in a priority order means a sorting 
in which the detectors that are considered more reliable in observing network interfaces than 
other detectors are awarded priority, not that the prioritization is changed based on failure of 
some detectors. The claim refers to the reliability of the detectors in observing network 
interfaces, not in terms of whether or not a detector is functioning. The reliability is 
measured in terms of detectors being more reliable than other detectors, which are awarded 
priority in the sorting. 

Accordingly, Applicant respectfully submits that the cited references do not teach or 
suggest every element of amended claims 1,11, and 21. Therefore, the independent claims 
are not anticipated by the cited references, nor are anticipated the dependent claims that 
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incorporate the elements of their base claims. 
REJECTIONS UNDER 35 U.S.C. § 103(a) 

Claims 2-3, 6-8, 1 1-13, and 16-17 stand rejected under 35 U.S.C. § 103(a) as 
allegedly being unpatentable over Moore in view of Aaron (U.S. Publication No. 
2004/0268150). 

For at least the reasons stated above regarding why Moore fails to disclose all of the 
elements of the independent claims, Moore also fails to disclose the elements of dependent 
claims 2-3, 6-8, 11-13, and 16-17. Aaron does not remedy the deficiencies in Moore, as 
discussed in the previous Office Action Response. Aaron discloses a system for providing 
network-based firewall policy configuration and facilitation. See Aaron, Abstract. A pohcy 
modification agent ("PMA") resides on a memory along with an operating system. See 
Aaron, [0028]. A user sends a notification to a firewall facilitation coordinator ("FFC") to 
modify the user's firewall policy for a new application. The FFC receives the notification 
and authenticates the user. The FFC sends a request to the PMA seeking modification of the 
firewall policy as applied to the new application. See Aaron, [0044]. Upon receiving the 
request, the PMA initiates an "exercise period". During the exercise period the PMA 
observes packets associated with the new application. See Aaron, [0046]. The PMA then 
generates rules for fihering the packets based on whether questionable packets are observed 
during this exercise period. See Aaron, [0047]-[0050] and FIGS. 5A-5D. However, like 
Moore, Aaron does not disclose sorting a set of netspecs in a priority order based at least in 
part on the reliability of the detectors that output the netspecs. 

The Examiner stated in his earlier Office Action that paragraph [0050] of Aaron 
discloses the prioritization. However, paragraph [0050] discloses fiirther details about the 
exercise period and not prioritizing a set of netspecs. Specifically, if the PMA observes 
questionable packets during the exercise period, it will sort the questionable packets into 
groups based on packet types and prioritize these groups based on the likelihood that the 
packets will be required for the new application to fiinction through the firewall. See Aaron, 
at paragraphs [0049]-[0050]. Thus, at most Aaron discloses prioritization of groups of 
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questionable packets. However, the GUID information disclosed by Moore is different from 
the groups of questionable packets disclosed by Aaron. A person of ordinary skill in the art 
aware of the prioritization of groups of questionable packets disclosed by Aaron would not 
be lead to modify Moore to prioritize GUID information. Moreover, even if such a person 
did modify Moore based on Aaron, the result would still not arrive at the claimed invention 
because neither Moore nor Aaron teach or suggest a priority order "based at least in part on 
the reliability of the detectors that output the netspecs." Further, Aaron does not disclose 
the sorting step, wherein detectors considered more reliable in observing network 
interfaces than other detectors are awarded priority in the sorting. 

Thus, Moore and Aaron, either alone or in the combination suggested by the 
Examiner, do not teach or suggest every element of independent claims 1,10, and 21, nor the 
claims depending therefrom. Accordingly, Applicant requests withdrawal of this rejection. 

CONCLUSION 

Withdrawal of the pending rejections and reconsideration of the claims are 
respectfully requested, and a notice of allowance is earnestly solicited. If the Examiner has 
any questions concerning this Response, the Examiner is invited to telephone Applicant's 
representative at (650) 335-7185. 

Respectfully Submitted, 
Peter Linhardt 



Date: June 23. 2009 By: /Antonia L. Seaueira/ 

Antonia L. Sequeira, Esq. 
Reg. No.: 54,670 
Fenwick & West LLP 
Silicon Valley Center 
801 California Street 
Mountain View, CA 94041 
Tel.: (650)335-7185 
Fax.: (650) 938-5200 
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